<!DOCTYPE HTML>
<html>
<head>
  <meta charset="utf-8">
  <title>Bug 1139297 - Implement CSP upgrade-insecure-requests directive</title>
</head>
<body>

<script type="text/javascript">
  // === TEST 1
  var url1 = "http://test1.example.com/tests/dom/security/test/csp/file_upgrade_insecure_cors_server.sjs?test1";
  var xhr1 = new XMLHttpRequest();
  xhr1.open("GET", url1, true);
  xhr1.onload = function() {
  	window.parent.postMessage(xhr1.response, "*");
  };
  xhr1.onerror = function() {
  	window.parent.postMessage("test1-failed", "*");
  };
  xhr1.send();

  // === TEST 2
  var url2 = "http://test1.example.com/tests/dom/security/test/csp/file_upgrade_insecure_cors_server.sjs?test2";
  var xhr2 = new XMLHttpRequest();
  xhr2.open("GET", url2, true);
  xhr2.onload = function() {
    window.parent.postMessage(xhr2.response, "*");
  };
  xhr2.onerror = function() {
    window.parent.postMessage("test2-failed", "*");
  };
  xhr2.send();

  // === TEST 3
  var url3 = "http://test2.example.com/tests/dom/security/test/csp/file_upgrade_insecure_cors_server.sjs?test3";
  var xhr3 = new XMLHttpRequest();
  xhr3.open("GET", url3, true);
  xhr3.onload = function() {
  	window.parent.postMessage(xhr3.response, "*");
  };
  xhr3.onerror = function() {
  	window.parent.postMessage("test3-failed", "*");
  };
  xhr3.send();

</script>

</body>
</html>
